AlmaLinux 10 : nfs-utils (ALSA-2026:3939)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3939 advisory. nfs-utils: rpc.mountd in the nfs-utils privilege escalation CVE-2025-12801 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 10 : osbuild-composer (ALSA-2026:3752)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3752 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: archive/zip: Excessive CPU...

AlmaLinux 8 : postgresql:16 (ALSA-2026:4063)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4063 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 9 : postgresql:16 (ALSA-2026:4110)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4110 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 8 : postgresql:12 (ALSA-2026:4064)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4064 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 8 : libvpx (ALSA-2026:3967)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3967 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 9 : postgresql (ALSA-2026:3730)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3730 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 10 : opentelemetry-collector (ALSA-2026:4174)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:4174 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

AlmaLinux 9 : kernel (ALSA-2026:3966)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3966 advisory. kernel: Linux kernel iouring: Local privilege escalation, information disclosure, or denial of service via use-after-free CVE-2025-38106 kernel: macvlan:...

Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121 For more details about the security issues,...

AlmaLinux 10 : udisks2 (ALSA-2026:3476)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3476 advisory. udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API CVE-2026-26104 udisks: Missing Authorization...

AlmaLinux 8 : mingw-fontconfig (ALSA-2026:3407)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3407 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 Tenable has...

AlmaLinux 10 : postgresql16 (ALSA-2026:3887)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3887 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

AlmaLinux 10 : valkey (ALSA-2026:3443)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3443 advisory. Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts CVE-2025-67733 valkey: Valkey: Denial of Service...

AlmaLinux 10 : delve (ALSA-2026:3864)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3864 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

AlmaLinux 10 : libpng (ALSA-2026:3551)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3551 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...

AlmaLinux 8 : thunderbird (ALSA-2026:3515)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3515 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...

AlmaLinux 9 : git-lfs (ALSA-2026:3928)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3928 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

AlmaLinux 10 : go-rpm-macros (ALSA-2026:3669)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3669 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : kernel-rt (ALSA-2026:3463)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3463 advisory. kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration CVE-2026-23097 Tenable has extracted the preceding description block directly...